Search Result

Search Tags: FISMA

In this week's "Inside the Reporter's Notebook," the passage of five cybersecurity bills by Congress in the past week signals a long-coming and much-needed change to how agencies defend their computer networks; an interesting bid protest decision flew under the radar that signals yet another challenge to FedBid, the reverse auction contractor; and the Justice Department's first foray into the open data world with the launch of two APIs is noteworthy, but the underlying reason why DoJ could release the software code is really the story here.

Federal agency Inspectors General are submitting annual reports to meet the requirements of the Federal Information Security Management Act. But your agency's networks may not actually be more secure because of that compliance and those reports. Those IG reports are still good news though, says Dan Mintz, former Transportation Department Chief Information Officer and now principal at ESEM Consulting. Dan tells In Depth with Francis Rose that's because the IGs haven't always been so hands-on with FISMA compliance.

In this edition of "Inside the Reporter's Notebook," the Department of Defense releases the results of a study detailing three new approaches to help military services and agencies ensure the security of the commercial clouds they use; what could be the last set of the mostly dreaded annual Federal Information Security Management Act (FISMA) reports are arriving from agency inspectors general; and Harvard, the Commerce Department and the Office of Management and Budget are stealing away three senior executives from the White House's Office of Science and Technology Policy.

The Veterans Affairs Department failed its 16th cybersecurity audit in a row, so it still can't properly protect the private health data of veterans. The VA Inspector General sees about 6,000 cyber weaknesses in the agency's IT networks, and says it falls short of complying with the Federal Information Security Management Act.

The Veterans Affairs Department will not receive the final results for its 2014 FISMA audit until next spring, but auditors already have informed IT officials that they've identified material weaknesses for the 16th year in a row. Department IT officials say progress on closing IG recommendations and securing their systems and data is real.

The Homeland Security Department has reviewed about 18 new or improved cybersecurity tools or technologies that may be added to the continuous diagnostics and mitigation program (CDM). John Streufert, the director of Federal Network Resilience at the National Protection and Programs Directorate in DHS, said CDM is not delayed and is on track to deliver results.

Security concerns remain a major hurdle for federal agencies considering public clouds, especially when it comes to migrating mission-critical workloads. Agencies that have invested in their existing infrastructure still want to leverage the benefits of cloud utility-based services while meeting the compliance requirements of FISMA-High. How can government use public clouds to manage costs and improve IT service delivery to end users while overcoming security concerns and meeting FISMA-High?

In fiscal 2015 FISMA guidance, OMB is trying to close a big hole exposed during the government's reaction to the Heartbleed vulnerability. The White House is giving DHS the authority to regularly conduct proactive scans of certain civilian agency networks. DHS made it clear to Congress earlier this year that the delay in getting permission from agencies to scan their networks cost them days in response time during Heartbleed.